Cyber Security Analyst  •  HSBC Software Development (India) Private Limited

January 2021 - Present

Responsible for Infrastructure support for IBMi in safeguarding the organization's digital assets, and ensuring the confidentiality, integrity, and availability of critical information. I will work closely with the security teams to identify vulnerabilities, implement security measures, and respond to cybersecurity incidents.

• Conduct regular assessments of security configurations, policies, and access controls on IBMi systems to identify vulnerabilities and weaknesses.

• Monitor logs, alerts, and security events to detect and respond to potential threats and security incidents on IBMi platforms.

• Implement incident response plans for IBMi systems and recovery procedures through the Service Now tool.

• Manage user access permissions, and role-based access control, and ensure the principle of least privilege is enforced on IBMi systems.

• Stay up-to-date with IBM i security patches and vulnerabilities, and ensure timely patching of systems to mitigate risks.

• Ensure compliance with industry regulations and standards (e.g., PCI DSS, HIPAA) pertaining to IBMi systems and report on compliance status.

• Maintain accurate documentation related to security configurations, procedures, and incident response plans in the confluence tool.

• Collaborate with cross-functional teams, including IT, network security, and compliance teams, to enhance overall security posture.

Senior Associate Cyber Security / IT Security Analyst  •  HSBC Software Development (India) Private Limited

July 2016 - December 2020

Responsible for Access Provisioning for applications in different processes (HBFR HUB SUPPORT) involves managing user access to various systems, applications, and resources to ensure that employees have the appropriate permissions and access rights needed to perform their roles effectively while maintaining security and compliance.

• Create user accounts and profiles for new employees in compliance with company policies and security standards.
• Modify and update user access rights as necessary, such as role changes, transfers, or promotions.
• Disable or delete user accounts for terminated or departing employees promptly to prevent unauthorized access.
• Ensuring that access provisioning procedures adhere to regulatory requirements, industry standards, and company security policies.
• Conduct periodic access reviews and audits to identify and rectify access violations or unauthorized access.
• Generate reports on access provisioning activities, access reviews, and compliance status for management and audit purposes.
• Report any security incidents or breaches related to access.
• Collaborate with cross-functional teams to streamline access management workflows.

IT Security Analyst  •  HSBC Software Development (India) Private Limited

July 2015 - June 2016

Responsible for managing and overseeing the recertification process for user access to various systems and resources within our organization. Worked closely with IAM administrators, compliance teams, and business stakeholders to ensure that user access rights are aligned with organization policies and compliance requirements.
• Preparation of manual application feeds and performing UAT testing before pushing them into production. Working with Global Access Management Recertification(GAMR), which performs a user access review process for specific IT systems and applications
• Recertifying the user’s access to all the SOX applications using the GiAM tool, including periodic review, transfer-based review, and segregation of duty-based review by removing all toxic combinations.
• Preparation of daily validation reports for GBM and AMG applications from the GIAM tool and sending an update to the business.
• Investigating the errors caused by the validation of the feed files and raising necessary incident tickets to successfully validate the feed and contact the development team for the feed content issues.
• Performing orphan remediation for all the non-person accounts and user accounts by manually uploading the details to the GIAM tool.
• Reassigning the account reviewers to the recertification admin portal.
• Onboarding SOX (Sarbanes Oxley) and High-risk Applications to GiAM Tool Working with Application Owners and explaining the advantages of GiAM Tool performing integrity testing of the feeds preparing glossary files.
• Worked with leads, managers, support teams, and application owners to update new & missing business application administration procedures and help in maintaining and updating the team SharePoint.
• Successful resolution of any email that is sent to the group mailbox within the SLA.
• Perform user revalidation on all Medium, High, and Sox Applications as part of the internal Audit. Responsible for working on SOX audit evidence gathering for the team operations.
• Ensuring compliance with PWC audit requirements for the respective area.
• Working on Daily Leavers & Transfers will segregate the information and remove the user’s access to Global Banking & Markets Applications within SLA and send mail to the user manager to check the access confirmation.
• Application Access Data Base (AADB) refresh if there are any changes in the application, we request for the new application and upload it to AADB.

Transport Layer Security (TLS):
• Monitoring the mailbox and testing the external domains working on TLS delivery failure issues.
• Run the test cases for TLS status in Check TLS and Forced TLS.
• Working on email failure incidents to check if the client supports TLS using the check TLS tool, if it shows fails for TLS revert domains to OPP TLS by sending test emails to domains.
• Played a crucial part in onboarding client domains to Forced TLS.